“Creating Spyware Mobile Applications Easy”

There have not been too many instances of malware spread through mobile applications as yet. This is very unlike Microsoft’s experience in the PC market. One big reason for the presumably smaller number of malwares and spywares on smartphone platforms is because the marketplace owners still hold a significant control over the applications that are marketed through their application stores.

But, creating spyware mobile apps for smartphone platforms is not difficult. To measure the difficulty level, the BBC staff set about writing a crude gaming application that – besides letting the end user play a game – also sneakily stole contacts information, text messages and phone location and passed on the information to a specially set-up email address. BBC points out that a significant portion of the code was copied from various places on the internet and that the spyware took up almost 250 lines of the total app code length of 1500 lines. BBC also notes that all the information-stealing pieces of codes were infact legitimate pieces of code that were deliberately used with a malicious intent.

According to Wysopal from Veracode, this is not exactly a new discovery. He says,

“The face of the application, be it a game or a simple application that is for fun, can have behaviour that is not visible at the surface. There’s been cases of spyware being detected on the internet, downloaded even from application stores or from other websites. We’ve detected it out there. On the personal side there are cases of jilted lovers cyber-stalking their ex-boyfriend or ex-girlfriend through their phone.”

There are apparently not too many ways to be assured of a malware attack apart from say noticing a heavy battery drain overnight or strange subscriptions that you have not signed up to on your monthly bills.